Cybersecurity Alerts

Actively Exploited Vulnerabilities

← Back to Cybersecurity Alerts

CVE-2014-0160

OpenSSL | OpenSSLAdded 2022-05-04Remediation Deadline 2022-05-25

OpenSSL Information Disclosure Vulnerability

The TLS and DTLS implementations in OpenSSL do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information.

Required Action

Apply updates per vendor instructions.

Weakness Classification

CWE-125

References